Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses
☆40Dec 9, 2020Updated 5 years ago
Alternatives and similar repositories for Windows-NTAPI-Injector
Users that are interested in Windows-NTAPI-Injector are comparing it to the libraries listed below
Sorting:
- NTAPI hook bypass with (semi) legit stack trace☆19May 9, 2023Updated 2 years ago
- Making Shellcode fully undetectable using uuid☆23May 7, 2021Updated 4 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆31Nov 9, 2021Updated 4 years ago
- ☆36Sep 7, 2020Updated 5 years ago
- ☆26May 22, 2021Updated 4 years ago
- BloodyAv is Custom Shell Code loader to Bypass Av and Edr.☆14Mar 21, 2022Updated 3 years ago
- An x64 binary executing code that's not inside of it.☆17Feb 28, 2023Updated 3 years ago
- Shellcode antivirus evasion framework☆27Jan 16, 2021Updated 5 years ago
- Loads shellcode from a resource file.☆22Aug 15, 2019Updated 6 years ago
- ☆16May 14, 2021Updated 4 years ago
- Indirect Syscall invocation via thread hijacking☆26May 5, 2023Updated 2 years ago
- Hacky code for extracting calls in DLLs by function☆17Jun 3, 2022Updated 3 years ago
- Ntdll Unhooking POC☆19Aug 12, 2022Updated 3 years ago
- Command line & PPID spoofing☆29Apr 15, 2023Updated 2 years ago
- Interactive Windows Reverse Shell Server/Client☆42Feb 24, 2021Updated 5 years ago
- ☆11Jan 29, 2021Updated 5 years ago
- Rootkit loader for your rootkit dll, x86/x64 system wide DLL injection (+appinit_dlls registry create) uses heavens gate☆22Jan 28, 2021Updated 5 years ago
- x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks☆236Mar 8, 2023Updated 3 years ago
- Applying some AV evasion techniques on a metasploit reverse shell☆18Nov 12, 2020Updated 5 years ago
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆167May 27, 2021Updated 4 years ago
- Shellcode injector using direct syscalls☆123Aug 17, 2020Updated 5 years ago
- Get/dump chrome and firefox saved passwords.☆20Sep 13, 2020Updated 5 years ago
- CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe☆16Jul 6, 2019Updated 6 years ago
- Loader that loads shellcode from UUID's☆23Aug 21, 2025Updated 6 months ago
- ☆12Aug 28, 2017Updated 8 years ago
- Extended Process List (Search functionality)☆29Jan 23, 2021Updated 5 years ago
- HTTPS GET RAT and Memory Loader☆26Jun 10, 2025Updated 9 months ago
- Phantom DLL hollowing PoC☆372May 23, 2022Updated 3 years ago
- dll文件加解密和内存加载☆128Oct 18, 2018Updated 7 years ago
- 寻找可注入进程☆13Jul 16, 2020Updated 5 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆62Nov 18, 2020Updated 5 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆107Mar 8, 2023Updated 3 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- Example code for EDR bypassing☆151Mar 7, 2019Updated 7 years ago
- Malware indetectable, with AV bypass techniques, anti-disassembly, etc.☆110Apr 12, 2020Updated 5 years ago
- transmit cs beacon (shellcode) over self-made dns to avoid anti-kill and AV☆50Jan 19, 2021Updated 5 years ago
- 简单安排一下 autochk.sys 这个rootkit☆73Mar 7, 2023Updated 3 years ago
- Load shellcode via syscall☆56Jul 28, 2021Updated 4 years ago
- MSVC C++ resource example☆11Jun 28, 2018Updated 7 years ago